From 3cd0710ce5d201f5be17b2164c766d94f7015b5c Mon Sep 17 00:00:00 2001
From: An Tran <tkan145@gmail.com>
Date: Thu, 23 Nov 2023 20:23:44 +1000
Subject: [PATCH] backend-cache-handler.t conversion to APIcast::Blackbox

---
 t/backend-cache-handler.t | 130 ++++++++++++++++++--------------------
 1 file changed, 62 insertions(+), 68 deletions(-)

diff --git a/t/backend-cache-handler.t b/t/backend-cache-handler.t
index c21bdc8ab..dca29b286 100644
--- a/t/backend-cache-handler.t
+++ b/t/backend-cache-handler.t
@@ -1,5 +1,5 @@
 use lib 't';
-use Test::APIcast 'no_plan';
+use Test::APIcast::Blackbox 'no_plan';
 
 repeat_each(1); # Can't be two as the second call would hit the cache
 run_tests();
@@ -8,45 +8,39 @@ __DATA__
 
 === TEST 1: resilient backend will keep calls through without backend connection
 When backend returns server error the call will be let through.
---- main_config
-env APICAST_BACKEND_CACHE_HANDLER=resilient;
---- http_config
-  include $TEST_NGINX_UPSTREAM_CONFIG;
-  lua_package_path "$TEST_NGINX_LUA_PATH";
-  init_by_lua_block {
-    require('apicast.configuration_loader').mock({
-      services = {
-        {
-          id = 42,
-          backend_version = 1,
-          proxy = {
-            api_backend = "http://127.0.0.1:$TEST_NGINX_SERVER_PORT/api-backend/",
-            proxy_rules = {
-              { pattern = '/', http_method = 'GET', metric_system_name = 'hits', delta = 2 }
-            }
-          }
-        }
+--- env random_port eval
+(
+  'APICAST_BACKEND_CACHE_HANDLER' => 'resilient'
+)
+--- configuration
+{
+  "services": [
+    {
+      "id": 42,
+      "backend_version":  1,
+      "backend_authentication_type": "service_token",
+      "backend_authentication_value": "token-value",
+      "proxy": {
+        "api_backend": "http://test:$TEST_NGINX_SERVER_PORT/api-backend/",
+        "proxy_rules": [
+          { "pattern": "/", "http_method": "GET", "metric_system_name": "hits", "delta": 2 }
+        ]
       }
-    })
-
+    }
+  ]
+}
+--- backend
+  access_by_lua_block {
     require('apicast.proxy').shared_cache():set('42:foo:usage%5Bhits%5D=2', 200)
   }
-  lua_shared_dict api_keys 10m;
---- config
-  include $TEST_NGINX_APICAST_CONFIG;
 
   location /transactions/authrep.xml {
     content_by_lua_block { ngx.exit(502) }
   }
-
+--- upstream
   location /api-backend/ {
      echo 'yay, api backend';
   }
-
-  location = /t {
-    echo_subrequest GET /test/one -q user_key=value;
-    echo_subrequest GET /test/two -q user_key=value;
-  }
 --- request eval
 ["GET /test?user_key=foo", "GET /foo?user_key=foo"]
 --- response_body eval
@@ -57,50 +51,50 @@ env APICAST_BACKEND_CACHE_HANDLER=resilient;
 
 === TEST 2: strict backend will remove cache after not successful status
 When backend returns server error the next call will be reauthorized.
---- main_config
-env APICAST_BACKEND_CACHE_HANDLER=strict;
---- http_config
-  include $TEST_NGINX_UPSTREAM_CONFIG;
-  lua_package_path "$TEST_NGINX_LUA_PATH";
-  init_by_lua_block {
-    require('apicast.configuration_loader').mock({
-      services = {
-        {
-          id = 42,
-          backend_version = 1,
-          proxy = {
-            error_status_auth_failed = 402,
-            error_auth_failed = 'credentials invalid!',
-            api_backend = "http://127.0.0.1:$TEST_NGINX_SERVER_PORT/api-backend/",
-            proxy_rules = {
-              { pattern = '/', http_method = 'GET', metric_system_name = 'hits', delta = 2 }
-            }
-          }
-        }
+In order to test this, we returns 200 on the first call, and
+502 on the rest. We need to test that the first call is authorized, the
+second is too because it will be cached, and the third will not be authorized
+because the cache was cleared in the second call.
+--- env eval
+(
+  'APICAST_BACKEND_CACHE_HANDLER' => 'strict'
+)
+--- configuration
+{
+  "services": [
+    {
+      "id": 42,
+      "backend_version":  1,
+      "backend_authentication_type": "service_token",
+      "backend_authentication_value": "token-value",
+      "proxy": {
+        "api_backend": "http://test:$TEST_NGINX_SERVER_PORT/api-backend/",
+        "proxy_rules": [
+          { "pattern": "/", "http_method": "GET", "metric_system_name": "hits", "delta": 2 }
+        ]
       }
-    })
-
-    require('apicast.proxy').shared_cache():set('42:foo:usage%5Bhits%5D=2', 200)
-  }
-  lua_shared_dict api_keys 10m;
---- config
-  include $TEST_NGINX_APICAST_CONFIG;
-
+    }
+  ]
+}
+--- backend
   location /transactions/authrep.xml {
-    content_by_lua_block { ngx.exit(502) }
+    content_by_lua_block {
+      local test_counter = ngx.shared.test_counter or 0
+      if test_counter == 0 then
+        ngx.shared.test_counter = test_counter + 1
+        ngx.exit(200)
+      else
+        ngx.exit(502)
+      end
+    }
   }
-
+--- upstream
   location /api-backend/ {
      echo 'yay, api backend';
   }
-
-  location = /t {
-    echo_subrequest GET /test/one -q user_key=value;
-    echo_subrequest GET /test/two -q user_key=value;
-  }
 --- request eval
-["GET /test?user_key=foo", "GET /foo?user_key=foo"]
+["GET /test?user_key=foo", "GET /foo?user_key=foo", "GET /?user_key=foo"]
 --- response_body eval
-["yay, api backend\x{0a}", "credentials invalid!" ]
+["yay, api backend\x{0a}", "yay, api backend\x{0a}", "Authentication failed"]
 --- error_code eval
-[ 200, 402 ]
+[ 200, 200, 403 ]